diff --git a/data-explorer/business-continuity-overview.md b/data-explorer/business-continuity-overview.md index 9810a668c6..d9496f0fa8 100644 --- a/data-explorer/business-continuity-overview.md +++ b/data-explorer/business-continuity-overview.md @@ -3,7 +3,7 @@ title: Azure Data Explorer Business Continuity Overview description: Learn how Azure Data Explorer ensures business continuity and disaster recovery with high availability and disaster recovery configurations. ms.reviewer: ankhanol ms.topic: concept-article -ms.date: 08/27/2025 +ms.date: 05/11/2026 ms.custom: - ai-gen-docs-bap - ai-gen-title @@ -82,6 +82,7 @@ This solution offers the least recoverability (highest RPO and RTO), is the lowe Regardless of which disaster recovery configuration is chosen, follow these best practices: +* **Lock your cluster**: Apply a **Delete** ARM management lock to your clusters. This prevents accidental deletion and protects against infrastructure-as-code tools (such as Terraform) that may attempt to delete and recreate your cluster when modifying read-only properties. See [Manage cluster locks](manage-cluster-locks.md) for implementation guidance. * All database objects, policies, and configurations should be persisted in source control so they can be released to the cluster from your release automation tool. For more information, see [Azure DevOps support for Azure Data Explorer](devops.md). * Design, develop, and implement validation routines to ensure all clusters are in-sync from a data perspective. Azure Data Explorer supports [cross cluster joins](/kusto/query/cross-cluster-or-database-queries?pivots=azuredataexplorer?view=azure-data-explorer&preserve-view=true). A simple count or rows across tables can help validate. * Release procedures should involve governance checks and balances that ensure mirroring of the clusters. diff --git a/data-explorer/manage-cluster-locks.md b/data-explorer/manage-cluster-locks.md index 07a9c4e335..86c8e6689a 100644 --- a/data-explorer/manage-cluster-locks.md +++ b/data-explorer/manage-cluster-locks.md @@ -3,7 +3,7 @@ title: Manage Cluster Locks in Azure Data Explorer description: Learn how to manage Azure Data Explorer cluster locks to prevent accidental deletion of data using the Azure portal. ms.reviewer: orhasban ms.topic: how-to -ms.date: 03/15/2026 +ms.date: 05/11/2026 --- # Manage Azure Data Explorer cluster locks to prevent accidental deletion in your cluster @@ -19,6 +19,9 @@ In the Azure portal, you can set **Delete** or **Read-only** locks that prevent This article describes how to lock and unlock your cluster by using the Azure portal. For more information about locking Azure resources by using the portal, see [Lock your resources to protect your infrastructure](/azure/azure-resource-manager/management/lock-resources). For information about how to lock your cluster programmatically, see [Management Locks - Create Or Update At Resource Level](/rest/api/resources/management-locks/create-or-update-at-resource-level). +> [!IMPORTANT] +> We recommend applying a lock to your cluster to protect against both accidental deletion and infrastructure-as-code scenarios. If you use tools like Terraform to manage your cluster infrastructure, a read-only lock is essential. Terraform may delete and recreate your cluster when it detects changes to read-only properties, resulting in complete data loss. An ARM lock prevents this destructive behavior. + ## Lock your cluster in the Azure portal 1. Sign in to the [Azure portal](https://portal.azure.com/).